From 762eba0553917215d158eac8575ac0437c3216a7 Mon Sep 17 00:00:00 2001
From: zxl <763096477@qq.com>
Date: 星期四, 07 八月 2025 16:47:07 +0800
Subject: [PATCH] 订单敏感信息,以及导出权限控制

---
 framework/src/main/java/cn/lili/modules/order/order/serviceimpl/OrderServiceImpl.java |   37 ++++++++++++++++++++++++++++++++++---
 1 files changed, 34 insertions(+), 3 deletions(-)

diff --git a/framework/src/main/java/cn/lili/modules/order/order/serviceimpl/OrderServiceImpl.java b/framework/src/main/java/cn/lili/modules/order/order/serviceimpl/OrderServiceImpl.java
index aa53528..5c2b8ff 100644
--- a/framework/src/main/java/cn/lili/modules/order/order/serviceimpl/OrderServiceImpl.java
+++ b/framework/src/main/java/cn/lili/modules/order/order/serviceimpl/OrderServiceImpl.java
@@ -16,6 +16,7 @@
 import cn.lili.common.event.TransactionCommitSendMQEvent;
 import cn.lili.common.exception.ServiceException;
 import cn.lili.common.properties.RocketmqCustomProperties;
+import cn.lili.common.security.AuthUser;
 import cn.lili.common.security.OperationalJudgment;
 import cn.lili.common.security.context.UserContext;
 import cn.lili.common.security.enums.UserEnums;
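Review bot: `AuthUser` is imported here but no added line in this patch references it, and the same holds for the `AdminUser`, `RoleService` and `Role` imports and the `@Autowired private RoleService roleService;` field in the later hunks. The masking code only uses `adminUserService`, `AdminRoleEnum` and `CommonUtil`, so the unused imports and the unused injected bean should be dropped; an extra service dependency also widens the bean graph for no benefit. The `Role` import additionally sits after `java.util.stream.Collectors`, directly above the class Javadoc where the blank line used to be, and belongs with the other `cn.lili` imports.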
@@ -25,6 +26,7 @@
 import cn.lili.modules.goods.entity.dos.Goods;
 import cn.lili.modules.goods.entity.dto.GoodsCompleteMessage;
 import cn.lili.modules.goods.service.GoodsService;
+import cn.lili.modules.lmk.enums.general.AdminRoleEnum;
 import cn.lili.modules.member.entity.dto.MemberAddressDTO;
 import cn.lili.modules.order.cart.entity.dto.TradeDTO;
 import cn.lili.modules.order.cart.entity.enums.DeliveryMethodEnum;
@@ -38,6 +40,9 @@
 import cn.lili.modules.order.trade.entity.dos.OrderLog;
 import cn.lili.modules.order.trade.service.OrderLogService;
 import cn.lili.modules.payment.entity.enums.PaymentMethodEnum;
+import cn.lili.modules.permission.entity.dos.AdminUser;
+import cn.lili.modules.permission.service.AdminUserService;
+import cn.lili.modules.permission.service.RoleService;
 import cn.lili.modules.promotion.entity.dos.Pintuan;
 import cn.lili.modules.promotion.service.PintuanService;
 import cn.lili.modules.store.entity.dto.StoreDeliverGoodsAddressDTO;
@@ -61,6 +66,7 @@
 import cn.lili.trigger.model.TimeTriggerMsg;
 import cn.lili.trigger.util.DelayQueueTools;
 import cn.lili.utils.COSUtil;
+import cn.lili.utils.CommonUtil;
 import com.baomidou.mybatisplus.core.conditions.Wrapper;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
@@ -88,7 +94,7 @@
 import java.net.URLEncoder;
 import java.util.*;
 import java.util.stream.Collectors;
-
+import cn.lili.modules.permission.entity.dos.Role;
 /**
  * 瀛愯鍗曚笟鍔″眰瀹炵幇
  *
@@ -175,6 +181,12 @@
     private GoodsService goodsService;
     @Autowired
     private COSUtil cosUtil;
+    @Autowired
+    private AdminUserService adminUserService;
+    @Autowired
+    private RoleService roleService;
+
+
     @Override
     @Transactional(rollbackFor = Exception.class)
     public void intoDB(TradeDTO tradeDTO) {
@@ -233,8 +245,18 @@
         QueryWrapper queryWrapper = orderSearchParams.queryWrapper();
         queryWrapper.groupBy("o.id");
         queryWrapper.orderByDesc("o.id");
-        return this.baseMapper.queryByParams(PageUtil.initPage(orderSearchParams), queryWrapper);
+        IPage<OrderSimpleVO> page =  this.baseMapper.queryByParams(PageUtil.initPage(orderSearchParams), queryWrapper);
+
+        if (!adminUserService.havePermissionRole(AdminRoleEnum.ORDER_INFO_PERMISSION)){
+            for (OrderSimpleVO vo : page.getRecords()){
+                vo.setConsigneeName(CommonUtil.maskName(vo.getConsigneeName()));
+                vo.setConsigneeMobile(CommonUtil.maskMobile(vo.getConsigneeMobile()));
+            }
+        }
+        return page;
     }
+
+
 
     @Override
     public IPage<OrderSimpleXcxVO> queryByXcxParams(OrderSearchXcxParams orderSearchParams) {
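Review bot: The masking decision in `queryByParams` rests entirely on `adminUserService.havePermissionRole(AdminRoleEnum.ORDER_INFO_PERMISSION)`, an admin-role check, yet nothing in the hunk establishes that the current caller is an admin user. If this service method is also reached from store or buyer endpoints (not visible here; the method starts outside the hunk), those callers would either get masked data for their own orders or depend on whatever `havePermissionRole` does without an admin context, so that case should be handled explicitly and documented, e.g. `// callers without an admin context: consignee fields are masked (fail closed)`. The filter from `orderSearchParams.queryWrapper()` is still evaluated against the unmasked columns, so if it accepts consignee name or mobile as search fields, a user without the permission may still be able to confirm a full value by searching for it; consider ignoring those fields when the permission is absent. `queryByXcxParams` directly below gets no equivalent masking in this patch, and any other consignee fields on `OrderSimpleVO` (address, for instance) are untouched.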
@@ -376,8 +398,17 @@
 
     @Override
     public void queryExportOrder(HttpServletResponse response, OrderSearchParams orderSearchParams) {
+        List<OrderExportDTO> orderExportDTOS = this.baseMapper.queryExportOrder(orderSearchParams.queryWrapper());
 
-        XSSFWorkbook workbook = initOrderExportData(this.baseMapper.queryExportOrder(orderSearchParams.queryWrapper()));
+        if (!adminUserService.havePermissionRole(AdminRoleEnum.ORDER_INFO_PERMISSION)){
+            for (OrderExportDTO vo : orderExportDTOS){
+                vo.setConsigneeName(CommonUtil.maskName(vo.getConsigneeName()));
+                vo.setConsigneeMobile(CommonUtil.maskMobile(vo.getConsigneeMobile()));
+            }
+        }
+
+
+        XSSFWorkbook workbook = initOrderExportData(orderExportDTOS);
         try {
             // 璁剧疆鍝嶅簲澶�
             String fileName = URLEncoder.encode("璁㈠崟鍒楄〃", "UTF-8");
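Review bot: `queryExportOrder` masks `consigneeName` and `consigneeMobile` only; it does not restrict who may run the export, although the commit subject mentions export permission control. Unless the controller enforces that elsewhere (not visible in this diff), every caller still receives the complete order list as a workbook with only two columns redacted, so either check the role before calling `this.baseMapper.queryExportOrder(...)` and reject with the project's `ServiceException`, or state the intent in a comment such as `// export stays available to all admins; consignee name/mobile are masked without ORDER_INFO_PERMISSION`. The loop duplicates the one added to `queryByParams`, so a single private helper per DTO type would keep the two masked-field lists from drifting apart. Recording who performed an unmasked export would also give the new permission an audit trail; the method body continues outside the hunk.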

--
Gitblit v1.8.0